// Token key in localStorage
const TOKEN_KEY = 'token'
const USER_KEY = 'user'
const USER_PERMISSIONS_KEY = 'user_permissions'

/**
 * Get token from localStorage
 * @returns {string|null} The token or null if not found
 */
export function getToken() {
  return localStorage.getItem(TOKEN_KEY)
}

/**
 * Set token in localStorage
 * @param {string} token - The token to store
 */
export function setToken(token) {
  localStorage.setItem(TOKEN_KEY, token)
}

/**
 * Remove token from localStorage
 */
export function removeToken() {
  localStorage.removeItem(TOKEN_KEY)
}

/**
 * Get user from localStorage
 * @returns {object|null} The user object or null if not found
 */
export function getUser() {
  const userStr = localStorage.getItem(USER_KEY)
  try {
    return userStr ? JSON.parse(userStr) : null
  } catch (e) {
    return null
  }
}

/**
 * Set user in localStorage
 * @param {object} user - The user object to store
 */
export function setUser(user) {
  localStorage.setItem(USER_KEY, JSON.stringify(user))
}

/**
 * Remove user from localStorage
 */
export function removeUser() {
  localStorage.removeItem(USER_KEY)
}

/**
 * Check if user is authenticated
 * @returns {boolean} True if user is authenticated
 */
export function isAuthenticated() {
  return !!getToken()
}

/**
 * Get all user permissions from localStorage
 * @returns {string[]} Array of permission strings
 */
export function getUserPermissions() {
  const permissionsStr = localStorage.getItem(USER_PERMISSIONS_KEY)
  try {
    return permissionsStr ? JSON.parse(permissionsStr) : []
  } catch (e) {
    return []
  }
}

/**
 * Set user permissions in localStorage
 * @param {string[]} permissions - Array of permission strings
 */
export function setUserPermissions(permissions) {
  localStorage.setItem(USER_PERMISSIONS_KEY, JSON.stringify(permissions))
}

/**
 * Remove user permissions from localStorage
 */
export function removeUserPermissions() {
  localStorage.removeItem(USER_PERMISSIONS_KEY)
}

/**
 * Check if the current user has the specified permission
 * @param {string} permission - Permission string in format "resource:action" (e.g., "app:view")
 * @returns {boolean} True if user has the permission
 */
export function hasPermission(permission) {
  const permissions = getUserPermissions()
  // 如果有通配符权限（管理员）
  if (permissions.includes('*')) {
    return true
  }
  // 检查具体权限
  return permissions.includes(permission)
}

/**
 * Check if the current user has any of the specified permissions
 * @param {string[]} requiredPermissions - Array of permission strings
 * @returns {boolean} True if user has any of the permissions
 */
export function hasAnyPermission(requiredPermissions) {
  const permissions = getUserPermissions()
  // 如果有通配符权限（管理员）
  if (permissions.includes('*')) {
    return true
  }
  // 检查是否有交集
  return requiredPermissions.some(p => permissions.includes(p))
}

/**
 * Clear all auth data from localStorage
 */
export function clearAuthData() {
  removeToken()
  removeUser()
  removeUserPermissions()
} 